Trusted headers - auth plugin
-
Hi all.
Loving your work...!
We use Xen Orchestra behind a web proxy which handles our in-house authentication process.
This proxy passes the authentication result as an HTTP header field (in our case 'remote_user').I've written a plugin to use this result and it seems to work nicely. Is this something I can share?
Obviously this is completely insecure outside our use case, but works well for us (and maybe others).Thanks!
Geoff -
Here's the code (if you're interested):
-
Thanks! I'm pinging @julien-f
-
@geoffhouse Nice!
We don't have a process on how to handle external contributions like this one, we can integrate it to our main repository but we'll identify it as an external contribution and we'll mention you as maintainer if that's something you would want
We'll probably be able to handle trivial fixes but I don't want to have something new to maintain.
What do you think?
-
@julien-f That all sounds great - whatever works best for you guys.
-
The idea is to give the best visibility to your plugin
Though I don't think we'll ship it directly to our customer because it's an advanced use case
